The German Supply Chain Due Diligence Act

Since the beginning of 2023, larger companies in Germany have had to comply with the Supply Chain Due Diligence Act (LkSG). We explain the most important requirements, give tips on specific implementation and show the differences to the upcoming EU Supply Chain Directive.

What is the Supply Chain Due Diligence Act?

The German Act on Corporate Due Diligence to Prevent Human Rights Violations in Supply Chains (Lieferkettensorgfaltspflichtengesetz or Lieferkettengesetz for short) commits companies to fulfilling their responsibility in the supply chain with regard to respecting internationally recognised human rights and certain environmental standards.

The law was promulgated in the German Federal Law Gazette on 22 July 2021 and has been in force since 1 January 2023.

The Supply Chain Act refers to the UN Guiding Principles on Business and Human Rights (UN Guiding Principles). Compliance with due diligence obligations is intended to strengthen human rights and environmental protection in global supply chains. In addition, the interests of companies in terms of legal certainty and fair competitive conditions should also be taken into account.

To whom does the Supply Chain Due Diligence Act apply?

Companies with their head office, principal place of business, administrative headquarters, registered office or branch office in Germany are addressed. The law also applies to German branches of foreign companies.

The Supply Chain Act initially applies to all companies with more than 3,000 employees in Germany from 2023. In the second step (since January 2024), companies with at least 1,000 employees in Germany have to also comply with the requirements.

What do affected companies have to consider under the LkSG?

The LkSG establishes due diligence obligations to comply with existing international agreements on human rights and environmental standards. These obligations exist within the limits of reasonableness, thus giving companies a certain amount of room for manoeuvre and also extend to direct suppliers in addition to their own business area.

Companies should establish a comprehensive risk management system and carry out regular risk analyses. Risk management must be integrated into the respective business processes, such as supplier selection. There are extensive documentation obligations, such as an annual report to be published in which the company presents risks in the supply chain, countermeasures and external effects for future activities. A policy statement on respect for human rights must be drawn up.

In addition, a complaints mechanism must be set up.

Which offences are covered by the Supply Chain Act?

The companies concerned are responsible for ensuring that their suppliers do not violate human rights and environmental protection. This includes forced labour, child labour and discrimination. The law also serves to protect against land theft, occupational health and safety, the right to fair wages, the right to form trade unions, and protection against environmental violations.

What must companies do if violations are detected in the supply chain?

In the event of a violation in the company’s own domestic business area, remedial measures must be taken immediately, which must lead to the termination of the violation (Section 7 (1) LkSG).

In the case of direct suppliers, the responsible companies must immediately draw up a concept for termination or minimisation if the breach cannot be terminated in the foreseeable future. Direct suppliers (Section 2 (7) LkSG) are parties to a contract for the supply of goods or the provision of services whose supplies are necessary for the manufacture of the company’s product or for the provision and utilisation of the service in question.

Indirect suppliers (Section 2 (8) LkSG) are only passively monitored. These are companies whose supplies are not necessary for the manufacture of the company’s product or for the provision and utilisation of the relevant service. However, the term is to be defined broadly and also includes subcontractors (such as cleaning services). The implementation of due diligence obligations also includes risks associated with indirect suppliers. In the event of substantiated knowledge, i.e. actual indications, immediate measures must be taken, namely a risk analysis and appropriate preventive measures in the form of control measures. The complaints procedure also extends to indirect suppliers.

Recommendations for the introduction of a risk management system

Own business division and direct suppliers

It is necessary to define who in the company is responsible for monitoring risk management.

The basis of the risk management system is the preliminary review of the entire supply chain. All suppliers should be identified and checked for their risk potential. A strategy for further action should be jointly agreed and implemented with suppliers who are assessed as critical.

As part of the risk analysis, a procedure for identifying adverse effects on human rights must be implemented. This takes place annually and also on an ad hoc basis.

A policy statement on respect for human rights describes the risk management system and outlines all relevant risks.

Implementation of the human rights strategy defined in the policy. Annual and case-by-case review of the requirements.

Establishment of a to enable complaints from affected parties. The procedure is reviewed in the same cycles as the risk analyses.

Immediate remediation if a human rights violation is imminent or has already occurred. Develop a concrete plan with the immediate supplier to reduce the violation and prevent it in the future if the company cannot stop the violation itself in the foreseeable future.

Ongoing documentation and preparation of a report to be published annually.

Indirect suppliers

The following due diligence measures are only required on an ad hoc basis if the company becomes aware of a possible violation by an indirect supplier:

  • Carry out a risk analysis.
  • Define a concept to minimise and avoid the violation of human rights.
  • Determine appropriate preventive measures vis-à-vis the perpetrator of the human rights violation.
  • Set up a complaints mechanism.

What are the penalties for non-compliance with the Supply Chain Act?

If companies fail to comply with their legal obligations, fines of up to EUR 800,000 or EUR 8 million for legal entities and associations or up to 2 % of annual global turnover can be imposed. The turnover-related fines only apply to companies with an annual turnover of more than EUR 400 million.

The Federal Office of Economics and Export Control (BAFA) is responsible for the inspection. The inspection powers include entering business premises, requesting information and inspecting documents. BAFA can also request companies to take specific actions to fulfil their obligations and enforce this by imposing fines.

Outlook for the EU Supply Chain Directive

On 24 April 2024, a majority of MEPs in the EU Parliament voted in favour of the European Supply Chain Directive. The aim is to ensure global compliance with human rights standards and to strengthen environmental protection.

The EU member states must transpose the directive into national law within two years. Germany may then have to revise and tighten up its existing supply chain law.


The current version of the German Supply Chain Due Diligence Act contains numerous and complex requirements, at least for larger companies. The general and unspecific legal standardisation allows for adaptation to the respective company environment. However, this requires legal expertise; affected companies should seek advice from suitably experienced compliance lawyers when setting up a supply chain risk management system.

The European Directive will lower the thresholds for applicability and also address medium-sized companies. It remains to be seen what experience the German legislator will have gained by then and how the EU directive will be implemented in a revision of the German Supply Chain Due Diligence Act.

Compliance as a competitive advantage

We make data-driven business models possible - in full compliance with data protection law!

Contact us!

Secure the knowledge of our experts!

Subscribe to our free newsletter: